<?php

include "funct.php";

if (!isset($_SESSION["user"]) || $_SESSION["logat"] != 1)
	iesire();
else
	$user = user(clean($_SESSION["user"]));

if (isset($_POST["n_password"], $_POST["n_mail"], $_POST["password"])) {
	clean($_POST["password"]);
	clean($_POST["n_password"]);
	clean($_POST["n_mail"]);
	if (strlen($_POST["password"]) < 5 && (strlen($_POST["n_password"]) < 5 || strlen($_POST["n_mail"]) < 5))
		msg($lang["box_l"]);
	if (md5($_POST["password"]) == $user["password"]) {
		if (strlen($_POST["n_password"]) > 4)
			mysql_query("update " . $db["users"] . " set password='" . md5($_POST["n_password"]) . "' where id='" . $user["id"] . "'");
		if (v_mail($_POST["n_mail"]))
			mysql_query("update " . $db["users"] . " set email='" . $_POST["n_mail"] . "' where id='" . $user["id"] . "'");
		location("settings");
	}
	else
		msg($lang["r_password"]);
}
else
	iesire();
?>
